<?
!defined('M_COM') && exit('No Permisson');
class qqconnect{
	private $appid, $appkey, $callback ,$scope;
	function __construct($appid,$appkey,$scope = "get_user_info"){
		global $cms_abs;		
		preg_match('/(([0-9a-z-]+\.)(com|cn|mobi|gov.cn|so|net|org|name|me|co|com.cn|net.cn|org.cn|tel|info|biz|cc|tv|hk|asia))(\/)?/i',$cms_abs,$match);
		if(!empty($match[1])){
			define("MAIN_DOMAIN", ".".$match[1]);
			define("COOKIE_DOMAIN", true); 
			if(defined("COOKIE_DOMAIN") && COOKIE_DOMAIN){
				if(defined("MAIN_DOMAIN")) @ini_set("session.cookie_domain", MAIN_DOMAIN);
			}
		}
		session_start();
		$this->appid = $appid;
		$this->appkey = $appkey;
		$this->scope = $scope;
		$this->callback = $cms_abs.'tools/qq_login.php';
	}
	static function do_post($url, $data){
		$ch = curl_init();
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
		curl_setopt($ch, CURLOPT_POST, TRUE); 
		curl_setopt($ch, CURLOPT_POSTFIELDS, $data); 
		curl_setopt($ch, CURLOPT_URL, $url);
		$ret = curl_exec($ch);
		curl_close($ch);
		return $ret;
	}
	static function get_url_contents($url){
		if (ini_get("allow_url_fopen") == "1") $result = @file_get_contents($url);
		if(empty($result)){
			$ch = curl_init();
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
			curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
			curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); 
			curl_setopt($ch, CURLOPT_URL, $url);
			$result =  curl_exec($ch);
			curl_close($ch);
		}
		return $result;
	}
	function get_authorization_code(){
		$_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
		$login_url = "https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=" 
			. $this->appid . "&redirect_uri=" . urlencode($this->callback)
			. "&state=" . $_SESSION['state']
			. "&scope=".$this->scope;
		header("Location:$login_url");	
	}
	function get_access_token($code){
		$token_url = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&"
			. "client_id=" . $this->appid. "&redirect_uri=" . urlencode($this->callback)
			. "&client_secret=" . $this->appkey . "&code=" . $code;
		$response = qqconnect::get_url_contents($token_url);
		if(strpos($response, "callback") !== false){
			$lpos = strpos($response, "(");
			$rpos = strrpos($response, ")");
			$response  = substr($response, $lpos + 1, $rpos - $lpos -1);
			$msg = json_decode($response);
			if(isset($msg->error)){
				echo "<h3>error:</h3>" . $msg->error;
				echo "<h3>msg  :</h3>" . $msg->error_description;
				exit;
			}
		}
		$params = array();
		parse_str($response, $params);
		$_SESSION["access_token"] = $params["access_token"];
		empty($_SESSION['access_token']) && die('Unable to get access_token');
	}
	function get_openid(){
		$graph_url = "https://graph.qq.com/oauth2.0/me?access_token=" 
			. $_SESSION['access_token'];
		$str  = qqconnect::get_url_contents($graph_url);
		if(strpos($str, "callback") !== false){
			$lpos = strpos($str, "(");
			$rpos = strrpos($str, ")");
			$str  = substr($str, $lpos + 1, $rpos - $lpos -1);
		}
		$user = json_decode($str);
		if(isset($user->error)){
			echo "<h3>error:</h3>" . $user->error;
			echo "<h3>msg  :</h3>" . $user->error_description;
			exit;
		}
		$_SESSION["openid"] = $user->openid;
		empty($_SESSION['openid']) && die('Unable to obtain openid');
	}
	function get_user_info(){
		global $mcharset;
		$get_user_info = "https://graph.qq.com/user/get_user_info?"
			. "access_token=" . $_SESSION['access_token']
			. "&oauth_consumer_key=" . $this->appid
			. "&openid=" . $_SESSION['openid']
			. "&format=json";
		$info = qqconnect::get_url_contents($get_user_info);
		$arr = json_decode($info, true);
		return strcasecmp($mcharset,'utf-8') === 0 ? $arr : @convert_encoding('utf-8',$mcharset,$arr);
	}
}
?>